Medusa Ransomware Targets Over 300 Critical Infrastructure Organizations in the U.S. by February 2025

The Medusa ransomware has affected more than 300 organizations in critical infrastructure sectors in the United States up until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing the tactics, techniques, and indicators of compromise (IOCs) of Medusa ransomware, based on FBI investigations up to February 2025. This advisory is part of the #StopRansomware campaign.